2

Possible Duplicate:
How to turn off magic quotes on shared hosting?

I've been at my wits ends all day trying to disable magic quotes in my WordPress Theme...

I've tried both the .htaccess and php.ini (and php5.ini) file methods but the .htaccess gave me a 500 internal sever error (my host is GoDaddy) and the php.ini method just didn't work. I've also tried the php method with dozens of different code I've found online, this being one of them:

if (get_magic_quotes_gpc()) 
{
function remove_slash(&$value)
{
$value = stripslashes($value);
}
array_walk_recursive($_GET, "remove_slash");
array_walk_recursive($_POST, "remove_slash");
array_walk_recursive($_COOKIE, "remove_slash");
array_walk_recursive($_REQUEST, "remove_slash");
}

However, not a single one of them have got rid of those annoying backslashes! If someone on here manages to solve this issue for me I'd really appreciate it.

Community
  • 1
  • 1
Emily Harris
  • 147
  • 3
  • 14
  • remove_slash function is defined right in her example – Davit Oct 25 '12 at 20:17
  • On later PHP versions settings may go into `.user.ini` files instead. On FCGI setups there might be local php.inis even. – mario Oct 25 '12 at 20:17
  • 1
    possible duplicate of [How to turn off magic quotes on shared hosting?](http://stackoverflow.com/questions/517008/how-to-turn-off-magic-quotes-on-shared-hosting) and the easy to google: http://stackoverflow.com/questions/4303840/php-go-daddy-and-magic-quotes-gpc – mario Oct 25 '12 at 20:18
  • **You cannot disable them** as WordPress is enabling them in the first place. Regardless of your hosting settings, **WordPress security by stupidity** slashes everything thinking that makes stuff safe. Cute! – CodeAngry Oct 29 '12 at 19:41

1 Answers1

1

On my project I use this:

if (get_magic_quotes_gpc()) {
    $process = array(&$_GET, &$_POST, &$_COOKIE, &$_REQUEST);
    while (list($key, $val) = each($process)) {
        foreach ($val as $k => $v) {
            unset($process[$key][$k]);
            if (is_array($v)) {
                $process[$key][stripslashes($k)] = $v;
                $process[] = &$process[$key][stripslashes($k)];
            } else {
                $process[$key][stripslashes($k)] = stripslashes($v);
            }
        }
    }
    unset($process);
}

I put it in the runtime and it works.

I also know how to disable it via .htaccess.

php_flag magic_quotes_gpc off

I am sure these both work.

Davit
  • 1,394
  • 5
  • 21
  • 47